Vulnerabilities > CVE-2006-5066 - Cross-Site Scripting vulnerability in Danphpsupport 0.5

047910
CVSS 5.1 - MEDIUM
Attack vector
NETWORK
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
high complexity
danphpsupport
exploit available
NVD
Published: 2006-09-28
Updated: 2018-10-17

Summary

Multiple cross-site scripting (XSS) vulnerabilities in DanPHPSupport 0.5, and other versions before 1.0, allow remote attackers to inject arbitrary web script or HTML via the (1) page parameter in index.php or the (2) do parameter in admin.php.

Vulnerable Configurations

Part Description Count
Application
Danphpsupport
1

Exploit-Db

  • descriptionDanPHPSupport 0.5 admin.php do Parameter XSS. CVE-2006-5066. Webapps exploit for php platform
    idEDB-ID:28671
    last seen2016-02-03
    modified2006-09-25
    published2006-09-25
    reporterYou_You
    sourcehttps://www.exploit-db.com/download/28671/
    titleDanPHPSupport 0.5 admin.php do Parameter XSS
  • descriptionDanPHPSupport 0.5 index.php page Parameter XSS. CVE-2006-5066. Webapps exploit for php platform
    idEDB-ID:28670
    last seen2016-02-03
    modified2006-09-25
    published2006-09-25
    reporterYou_You
    sourcehttps://www.exploit-db.com/download/28670/
    titleDanPHPSupport 0.5 index.php page Parameter XSS

References